-
Notifications
You must be signed in to change notification settings - Fork 310
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
aya: Implement .kconfig support #1017
base: main
Are you sure you want to change the base?
Changes from all commits
f66a1b8
9ce9fec
c6b0e69
457b57a
04d9921
d95a456
8179853
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -18,11 +18,12 @@ use crate::{ | |
info::{FuncSecInfo, LineSecInfo}, | ||
relocation::Relocation, | ||
Array, BtfEnum, BtfKind, BtfMember, BtfType, Const, Enum, FuncInfo, FuncLinkage, Int, | ||
IntEncoding, LineInfo, Struct, Typedef, Union, VarLinkage, | ||
IntEncoding, LineInfo, Struct, Typedef, Union, Var, VarLinkage, | ||
}, | ||
generated::{btf_ext_header, btf_header}, | ||
generated::{bpf_map_type, btf_ext_header, btf_header, BPF_F_RDONLY_PROG}, | ||
maps::{bpf_map_def, LegacyMap}, | ||
util::{bytes_of, HashMap}, | ||
Object, | ||
EbpfSectionKind, Map, Object, | ||
}; | ||
|
||
pub(crate) const MAX_RESOLVE_DEPTH: u8 = 32; | ||
|
@@ -157,6 +158,20 @@ pub enum BtfError { | |
/// unable to get symbol name | ||
#[error("Unable to get symbol name")] | ||
InvalidSymbolName, | ||
|
||
/// external symbol is invalid | ||
#[error("Invalid extern symbol `{symbol_name}`")] | ||
InvalidExternalSymbol { | ||
/// name of the symbol | ||
symbol_name: String, | ||
}, | ||
|
||
/// external symbol not found | ||
#[error("Extern symbol not found `{symbol_name}`")] | ||
ExternalSymbolNotFound { | ||
/// name of the symbol | ||
symbol_name: String, | ||
}, | ||
} | ||
|
||
/// Available BTF features | ||
|
@@ -463,6 +478,57 @@ impl Btf { | |
}) | ||
} | ||
|
||
pub(crate) fn type_align(&self, root_type_id: u32) -> Result<usize, BtfError> { | ||
let mut type_id = root_type_id; | ||
for _ in 0..MAX_RESOLVE_DEPTH { | ||
let ty = self.types.type_by_id(type_id)?; | ||
let size = match ty { | ||
BtfType::Array(Array { array, .. }) => { | ||
type_id = array.element_type; | ||
continue; | ||
} | ||
BtfType::Struct(Struct { size, members, .. }) | ||
| BtfType::Union(Union { size, members, .. }) => { | ||
let mut max_align = 1; | ||
|
||
for m in members { | ||
let align = self.type_align(m.btf_type)?; | ||
max_align = usize::max(align, max_align); | ||
|
||
if ty.member_bit_field_size(m).unwrap() == 0 | ||
|| m.offset % (8 * align as u32) != 0 | ||
{ | ||
return Ok(1); | ||
} | ||
} | ||
|
||
if size % max_align as u32 != 0 { | ||
return Ok(1); | ||
} | ||
|
||
return Ok(max_align); | ||
} | ||
|
||
other => { | ||
if let Some(size) = other.size() { | ||
u32::min(BtfType::ptr_size(), size) | ||
} else if let Some(next) = other.btf_type() { | ||
type_id = next; | ||
continue; | ||
} else { | ||
return Err(BtfError::UnexpectedBtfType { type_id }); | ||
} | ||
} | ||
}; | ||
|
||
return Ok(size as usize); | ||
} | ||
|
||
Err(BtfError::MaximumTypeDepthReached { | ||
type_id: root_type_id, | ||
}) | ||
} | ||
|
||
/// Encodes the metadata as BTF format | ||
pub fn to_bytes(&self) -> Vec<u8> { | ||
// Safety: btf_header is POD | ||
|
@@ -473,6 +539,38 @@ impl Btf { | |
buf | ||
} | ||
|
||
pub(crate) fn get_extern_data_sec_entry_info( | ||
&self, | ||
target_var_name: &str, | ||
) -> Result<(String, Var), BtfError> { | ||
for t in &self.types.types { | ||
let BtfType::DataSec(d) = t else { | ||
continue; | ||
}; | ||
davibe marked this conversation as resolved.
Show resolved
Hide resolved
|
||
let sec_name = self.string_at(d.name_offset)?; | ||
|
||
for d in &d.entries { | ||
let BtfType::Var(var) = self.types.type_by_id(d.btf_type)? else { | ||
continue; | ||
}; | ||
|
||
if target_var_name == self.string_at(var.name_offset)? { | ||
if var.linkage == VarLinkage::Extern { | ||
return Ok((sec_name.into(), var.clone())); | ||
} else { | ||
return Err(BtfError::InvalidExternalSymbol { | ||
symbol_name: target_var_name.into(), | ||
}); | ||
} | ||
} | ||
} | ||
} | ||
|
||
Err(BtfError::ExternalSymbolNotFound { | ||
symbol_name: target_var_name.into(), | ||
}) | ||
} | ||
|
||
// This follows the same logic as libbpf's bpf_object__sanitize_btf() function. | ||
// https://github.com/libbpf/libbpf/blob/05f94ddbb837f5f4b3161e341eed21be307eaa04/src/libbpf.c#L2701 | ||
// | ||
|
@@ -610,6 +708,14 @@ impl Btf { | |
} | ||
}; | ||
e.offset = *offset as u32; | ||
|
||
if var.linkage == VarLinkage::Extern { | ||
davibe marked this conversation as resolved.
Show resolved
Hide resolved
|
||
let mut var = var.clone(); | ||
var.linkage = VarLinkage::Global; | ||
|
||
types.types[e.btf_type as usize] = BtfType::Var(var); | ||
} | ||
|
||
debug!( | ||
"{} {}: VAR {}: fixup offset {}", | ||
kind, name, var_name, offset | ||
|
@@ -730,6 +836,107 @@ impl Default for Btf { | |
} | ||
|
||
impl Object { | ||
fn patch_extern_data_internal( | ||
&mut self, | ||
externs: &HashMap<String, Vec<u8>>, | ||
) -> Result<Option<(SectionIndex, Vec<u8>)>, BtfError> { | ||
if let Some(ref mut obj_btf) = &mut self.btf { | ||
if obj_btf.is_empty() { | ||
return Ok(None); | ||
} | ||
|
||
let mut kconfig_map_index = 0; | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. What is going on here? This is overridden at line 856? |
||
|
||
for map in self.maps.values() { | ||
if map.section_index() >= kconfig_map_index { | ||
kconfig_map_index = map.section_index() + 1; | ||
} | ||
} | ||
|
||
let kconfig_map_index = self.maps.len(); | ||
|
||
let symbols = self | ||
.symbol_table | ||
.iter_mut() | ||
.filter(|(_, s)| s.name.is_some() && s.section_index.is_none() && s.is_external) | ||
.map(|(_, s)| (s.name.as_ref().unwrap().clone(), s)); | ||
|
||
let mut section_data = Vec::<u8>::new(); | ||
let mut offset = 0u64; | ||
let mut has_extern_data = false; | ||
|
||
for (name, symbol) in symbols { | ||
let (datasec_name, var) = obj_btf.get_extern_data_sec_entry_info(&name)?; | ||
|
||
if datasec_name == ".kconfig" { | ||
has_extern_data = true; | ||
|
||
let type_size = obj_btf.type_size(var.btf_type)?; | ||
let type_align = obj_btf.type_align(var.btf_type)? as u64; | ||
|
||
let mut external_value_opt = externs.get(&name); | ||
let empty_data = vec![0; type_size]; | ||
|
||
if external_value_opt.is_none() && symbol.is_weak { | ||
external_value_opt = Some(&empty_data); | ||
} | ||
|
||
if let Some(data) = external_value_opt { | ||
symbol.address = (offset + (type_align - 1)) & !(type_align - 1); | ||
symbol.size = type_size as u64; | ||
symbol.section_index = Some(kconfig_map_index); | ||
|
||
section_data.resize((symbol.address - offset) as usize, 0); | ||
|
||
self.symbol_offset_by_name.insert(name, symbol.address); | ||
offset = symbol.address + section_data.len() as u64; | ||
section_data.extend(data); | ||
} else { | ||
return Err(BtfError::ExternalSymbolNotFound { symbol_name: name }); | ||
} | ||
} | ||
} | ||
|
||
if has_extern_data { | ||
self.section_infos.insert( | ||
".kconfig".into(), | ||
(SectionIndex(kconfig_map_index), section_data.len() as u64), | ||
); | ||
|
||
return Ok(Some((SectionIndex(kconfig_map_index), section_data))); | ||
} | ||
} | ||
Ok(None) | ||
} | ||
|
||
/// Patches extern data | ||
pub fn patch_extern_data( | ||
&mut self, | ||
externs: &HashMap<String, Vec<u8>>, | ||
) -> Result<(), BtfError> { | ||
if let Some((section_index, data)) = self.patch_extern_data_internal(externs)? { | ||
self.maps.insert( | ||
".kconfig".into(), | ||
Map::Legacy(LegacyMap { | ||
def: bpf_map_def { | ||
map_type: bpf_map_type::BPF_MAP_TYPE_ARRAY as u32, | ||
key_size: mem::size_of::<u32>() as u32, | ||
value_size: data.len() as u32, | ||
max_entries: 1, | ||
map_flags: BPF_F_RDONLY_PROG, | ||
..Default::default() | ||
}, | ||
section_index: section_index.0, | ||
section_kind: EbpfSectionKind::Rodata, | ||
symbol_index: None, | ||
data, | ||
}), | ||
); | ||
} | ||
|
||
Ok(()) | ||
} | ||
|
||
/// Fixes up and sanitizes BTF data. | ||
/// | ||
/// Mostly, it removes unsupported types and works around LLVM behaviours. | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,7 +1,8 @@ | ||
use std::{ | ||
borrow::Cow, | ||
collections::{HashMap, HashSet}, | ||
fs, io, | ||
fs::{self, File}, | ||
io::{self, Read}, | ||
os::{ | ||
fd::{AsFd as _, AsRawFd as _}, | ||
raw::c_int, | ||
|
@@ -16,6 +17,8 @@ use aya_obj::{ | |
relocation::EbpfRelocationError, | ||
EbpfSectionKind, Features, | ||
}; | ||
use flate2::read::GzDecoder; | ||
use lazy_static::lazy_static; | ||
use log::{debug, warn}; | ||
use thiserror::Error; | ||
|
||
|
@@ -36,14 +39,15 @@ use crate::{ | |
SkMsg, SkSkb, SkSkbKind, SockOps, SocketFilter, TracePoint, UProbe, Xdp, | ||
}, | ||
sys::{ | ||
bpf_load_btf, is_bpf_cookie_supported, is_bpf_global_data_supported, | ||
is_btf_datasec_supported, is_btf_decl_tag_supported, is_btf_enum64_supported, | ||
is_btf_float_supported, is_btf_func_global_supported, is_btf_func_supported, | ||
is_btf_supported, is_btf_type_tag_supported, is_info_gpl_compatible_supported, | ||
is_info_map_ids_supported, is_perf_link_supported, is_probe_read_kernel_supported, | ||
is_prog_id_supported, is_prog_name_supported, retry_with_verifier_logs, | ||
self, bpf_load_btf, is_bpf_cookie_supported, is_bpf_global_data_supported, | ||
is_bpf_syscall_wrapper_supported, is_btf_datasec_supported, is_btf_decl_tag_supported, | ||
is_btf_enum64_supported, is_btf_float_supported, is_btf_func_global_supported, | ||
is_btf_func_supported, is_btf_supported, is_btf_type_tag_supported, | ||
is_info_gpl_compatible_supported, is_info_map_ids_supported, is_perf_link_supported, | ||
is_probe_read_kernel_supported, is_prog_id_supported, is_prog_name_supported, | ||
retry_with_verifier_logs, | ||
}, | ||
util::{bytes_of, bytes_of_slice, page_size, possible_cpus, POSSIBLE_CPUS}, | ||
util::{bytes_of, bytes_of_slice, page_size, possible_cpus, KernelVersion, POSSIBLE_CPUS}, | ||
}; | ||
|
||
pub(crate) const BPF_OBJ_NAME_LEN: usize = 16; | ||
|
@@ -98,6 +102,7 @@ fn detect_features() -> Features { | |
is_prog_id_supported(BPF_MAP_TYPE_DEVMAP), | ||
is_info_map_ids_supported(), | ||
is_info_gpl_compatible_supported(), | ||
is_bpf_syscall_wrapper_supported(), | ||
btf, | ||
); | ||
debug!("BPF Feature Detection: {:#?}", f); | ||
|
@@ -109,6 +114,131 @@ pub fn features() -> &'static Features { | |
&FEATURES | ||
} | ||
|
||
lazy_static! { | ||
static ref KCONFIG_DEFINITION: HashMap<String, Vec<u8>> = compute_kconfig_definition(&FEATURES); | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Instead of this lazy static, we could have a KConfig type. Then we could have |
||
} | ||
|
||
fn compute_kconfig_definition(features: &Features) -> HashMap<String, Vec<u8>> { | ||
let mut result = HashMap::new(); | ||
|
||
if let Ok(KernelVersion { | ||
major, | ||
minor, | ||
patch, | ||
}) = KernelVersion::current() | ||
{ | ||
result.insert( | ||
"LINUX_KERNEL_VERSION".to_string(), | ||
{ | ||
let value = (u64::from(major) << 16) + (u64::from(minor) << 8) + u64::from(patch); | ||
value.to_ne_bytes() | ||
} | ||
.to_vec(), | ||
); | ||
} | ||
|
||
let bpf_cookie = if features.bpf_cookie() { 1u64 } else { 0u64 }; | ||
let bpf_syscall_wrapper = if features.bpf_syscall_wrapper() { | ||
1u64 | ||
} else { | ||
0u64 | ||
}; | ||
|
||
result.insert( | ||
"LINUX_HAS_BPF_COOKIE".to_string(), | ||
bpf_cookie.to_ne_bytes().to_vec(), | ||
); | ||
|
||
result.insert( | ||
"LINUX_HAS_SYSCALL_WRAPPER".to_string(), | ||
bpf_syscall_wrapper.to_ne_bytes().to_vec(), | ||
); | ||
|
||
if let Some(raw_config) = read_kconfig() { | ||
for line in raw_config.lines() { | ||
if !line.starts_with("CONFIG_") { | ||
continue; | ||
} | ||
|
||
let mut parts = line.split('='); | ||
let (key, raw_value) = match (parts.next(), parts.next(), parts.count()) { | ||
(Some(key), Some(value), 0) => (key, value), | ||
_ => continue, | ||
}; | ||
|
||
let value = match raw_value.chars().next() { | ||
Some('n') => 0_u64.to_ne_bytes().to_vec(), | ||
Some('y') => 1_u64.to_ne_bytes().to_vec(), | ||
Some('m') => 2_u64.to_ne_bytes().to_vec(), | ||
Some('"') => { | ||
if raw_value.len() < 2 || !raw_value.ends_with('"') { | ||
continue; | ||
} | ||
|
||
let raw_value = &raw_value[1..raw_value.len() - 1]; | ||
raw_value.as_bytes().to_vec() | ||
} | ||
Some(_) => { | ||
if let Ok(value) = raw_value.parse::<u64>() { | ||
value.to_ne_bytes().to_vec() | ||
} else { | ||
continue; | ||
} | ||
} | ||
None => continue, | ||
}; | ||
|
||
result.insert(key.to_string(), value); | ||
} | ||
} | ||
|
||
result | ||
} | ||
|
||
fn read_kconfig() -> Option<String> { | ||
let config_path = PathBuf::from("/proc/config.gz"); | ||
if config_path.exists() { | ||
debug!("Found kernel config at {}", config_path.to_string_lossy()); | ||
return read_kconfig_file(&config_path, true); | ||
} | ||
|
||
let Ok(release) = sys::kernel_release() else { | ||
return None; | ||
}; | ||
|
||
let config_path = PathBuf::from("/boot").join(format!("config-{}", release)); | ||
if config_path.exists() { | ||
debug!("Found kernel config at {}", config_path.to_string_lossy()); | ||
return read_kconfig_file(&config_path, false); | ||
} | ||
|
||
None | ||
} | ||
|
||
fn read_kconfig_file(path: &PathBuf, gzip: bool) -> Option<String> { | ||
let mut output = String::new(); | ||
|
||
let res = if gzip { | ||
File::open(path) | ||
.map(GzDecoder::new) | ||
.and_then(|mut file| file.read_to_string(&mut output)) | ||
} else { | ||
File::open(path).and_then(|mut file| file.read_to_string(&mut output)) | ||
}; | ||
|
||
match res { | ||
Ok(_) => Some(output), | ||
Err(e) => { | ||
warn!( | ||
"Unable to read kernel config {}: {:?}", | ||
path.to_string_lossy(), | ||
e | ||
); | ||
None | ||
} | ||
} | ||
} | ||
|
||
/// Builder style API for advanced loading of eBPF programs. | ||
/// | ||
/// Loading eBPF code involves a few steps, including loading maps and applying | ||
|
@@ -399,6 +529,7 @@ impl<'a> EbpfLoader<'a> { | |
} = self; | ||
let mut obj = Object::parse(data)?; | ||
obj.patch_map_data(globals.clone())?; | ||
obj.patch_extern_data(&KCONFIG_DEFINITION)?; | ||
|
||
let btf_fd = if let Some(features) = &FEATURES.btf() { | ||
if let Some(btf) = obj.fixup_and_sanitize_btf(features)? { | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,38 @@ | ||
// clang-format off | ||
#include <vmlinux.h> | ||
#include <bpf/bpf_helpers.h> | ||
// clang-format on | ||
|
||
// CONFIG_BPF=y => 1 | ||
extern unsigned int CONFIG_BPF __kconfig; | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. We should test char, short, int and long here, to test different alignments |
||
// CONFIG_PANIC_TIMEOUT=0 => 0 | ||
extern unsigned int CONFIG_PANIC_TIMEOUT __kconfig; | ||
// CONFIG_DEFAULT_HUNG_TASK_TIMEOUT=120 | ||
extern unsigned int CONFIG_DEFAULT_HUNG_TASK_TIMEOUT __kconfig; | ||
// CONFIG_DEFAULT_HOSTNAME | ||
extern char CONFIG_DEFAULT_HOSTNAME[] __kconfig; | ||
|
||
SEC("xdp") | ||
int kconfig(struct xdp_md *ctx) { | ||
if (CONFIG_BPF != 1) { | ||
return XDP_DROP; | ||
} | ||
|
||
if (CONFIG_PANIC_TIMEOUT != 0) { | ||
return XDP_DROP; | ||
} | ||
|
||
if (CONFIG_DEFAULT_HUNG_TASK_TIMEOUT != 120) { | ||
return XDP_DROP; | ||
} | ||
|
||
for (int i = 0; i < 7; i++) { | ||
if ("(none)"[i] != CONFIG_DEFAULT_HOSTNAME[i]) { | ||
return XDP_DROP; | ||
} | ||
} | ||
|
||
return XDP_PASS; | ||
} | ||
|
||
char _license[] SEC("license") = "GPL"; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Perf wise this isn't great, as we iterate all the types for each kconfig symbol.
We should probably do one pass where we find the datasecs, then only scan those?